Information security analytics

A hospital has lost 100 computer disks containing personal information about patients. North Wales NHS Trust is carrying out a review of its data security following the incident at Glan Clwyd hospital in Denbighshire last month. The disks, which were to be destroyed, are believed to have been disposed of "inadvertently" with other waste. The trust said the disks would have been crushed and buried in landfill and the information could not be retrieved.

In a new study published by Credant, which specializes in tools used to encrypt or block data being saved onto mobile devices, the company found that 67 percent of the 323 IT workers it surveyed consider the iPod to be a potential data security risk. - read more: infoworld.com

A FINANCE company has admitted sending confidential information about customers, including their bank account numbers, to a stranger.

What's Wikileaks, the net's foremost document leaking site, supposed to do when a whistle-blower submits a list of email addresses belonging to the site's confidential donors as a leaked document? That's exactly the conundrum Wikileaks faced this week after someone from the controversial whistle-blowing site sent an emergency fund-raising appeal on Saturday to previous donors. But instead of hiding email addresses from the recipients by using the bcc field, the sender put 58 addresses into the cc field, revealing all the addresses to all the recipients.

Clayton County Sheriff Kem Kimbrough is investigating a security breach after some deputies’ personal information was taken from internal files.The records include Social Security numbers, driver’s license numbers, dates of birth, phone numbers, employee identification numbers and an inmate’s medical information. Some internal investigation files have also turned up missing.

WASHINGTON - The Los Alamos nuclear weapons laboratory in New Mexico is missing 67 computers, including 13 that were lost or stolen in the past year. Officials said no classified information has been lost. The watchdog group Project on Government Oversight released a memo dated Feb. 3 from the Energy Department's National Nuclear Security Administration outlining the loss of the computers.

Online banking bandits pulled thousands of dollars from the accounts of current and former SemGroup LP employees after personal information was inadvertently left on a bankruptcy court document made public last summer. SemGroup officials said, however, that as far as they are aware, all the money was returned to the accounts and no funds have been lost. About 60 current and former employees or creditors were affected by the account fraud, which moved as much as $10,000 from some accounts into online stock trading accounts, SemGroup spokesman Lance Ignon confirmed Tuesday.

The average UK data breach in business costs Р€1.7m, according to privacy and information management research firm Ponemon Institute. In an annual report sponsored by security firm PGP Corporation, it is estimated that costs incurred by UK businesses after experiencing a data breach had risen from Р€1.4m in 2007 to Р€1.7m in 2008. The "2008 Annual Study: UK Cost of a Data Breach" report says, on average, each lost customer record costs firms Р€60, a 28% increase on 2007's figure of Р€47.

The Supreme Court will soon hear arguments in City of Ontario v. Quon, an important Fourth Amendment case involving the privacy of electronic communications in the workplace.

One more significant data loss took place in Japan—this time several Kanagawa prefectural senior high schools in Yokogama were hit by the insiders. Discredited data contained personal information about education payment invoices of 110 thousand students. By the most probable version of the incident personal data of several dozens thousands students got in Winny file-exchange network as a result of carelessness of one of prefectural workers.